Http Digest Authentication

I've updated Ticket #7291 "implement http digest authentication" with fixes for generating a stateless nonce. I'm looking for some help to get this committed.

The nonce is based on time-stamp H(time-stamp ":" session.session_id). An associated nonce_valid? method verifies that the timestamp is recent.


You should probably move that over to lighthouse.


Created ticket #1230 on Lighthouse.

Gregg Kellogg wrote:

Created ticket #1230 on Lighthouse.

I am facing exactly the same problem. Any update?